Internal

Pacific Northwest Chapter Status Report For 2012

ORGANIZATION
Our chapter has grown significantly since the 2011 Annual Report, with a majority of members having less than one year tenure. We have instituted regular face-to-face chapter dinner meetings to facilitate collaboration and on-boarding of new members. These will gradually increase in frequency (from every two months) to become a regularly scheduled monthly chapter meeting.
Members:
Chiraag Aval, M.S.
Chuck Costarella
David Dittrich - Transferred from Global Chapter.
Barbara Endicott-Popovsky, Ph.D.
Dennis Charles Grant - New Chapter Lead
Franklin Jackson - New member
Eliot Lim - New Member
Stuart Maclean - New Member
Ashish Malviya
Julia Narvaez
Raymond Pompon - New Member
Alex Railean - New Member
Lucas Reber
Michael Schweiger
Christian Seifert, Ph.D.
Mike Simon - New Member
Due to employment commitments, Julia Narvaez transferred the Chapter Lead role to D.C. Grant.

DEPLOYMENTS
- Two "HonEeeBoxes" received from David Watson at the 2012 Annual Honeynet Project Security Workshop.
- "Public Regional Information Security Event Management" system (PRISEM) designed to offer early warning on malicious activity. PRISEM uses customized security and information event management (SIEM) equipment housed in the University of Washington's Applied Physics Lab.

RESEARCH AND DEVELOPMENT
- Developed startup scripts for an hpfeeds client service on Ubuntu Linux and contributed it to the Honeynet mailing list.
- Master's thesis research on "Hardening Honeynets Against Honeypot Aware Botnet Attacks". To increase deception by allowing botnet attacks to pass unmodified out of the attacked node and propagate the attack to other nodes within the Honeynet, while containing traffic within a distributed Honeynet.
- SPEAR Cloud (Security, Policy, Education and Advanced Research Cloud) is expected to be deployed between now and January 2013. This will be a chapter resource after initial testing with UW affiliated members. This is being constructed using donated hardware and institutional support from collaboration between the UW Center for Information Assurance and Cybersecurity and UW Bothell Computing and Software Systems.
- Master's thesis research on "Cloud based Analysis". To improve malware analysis through use cloud technologies for increased performance, accuracy, scalability, and flexibility.
- New research collaboration with the Computing Research Association to study malware samples.
- UW Center for Information Assurance and Cybersecurity Named Research Partner Cloud Security Alliance (CSA).
With the recent and rapid growth of the PNW chapter, we anticipate a large growth in research and deployments during 2013 and 2014. When new virtual environments come online in 2013, we expect to deploy several of the excellent systems developed by other chapters.

MISC ACTIVITIES
- Chapter members are directly involved with the Collegiate Cyber Defense Competition and the United States Cyber Challenge.
- Several of chapter members are faculty, staff, students and/or guest lecturers at the University of Washington.
- D.C. Grant currently holds the office of Vice President in the Mt Rainier ISSA Chapter, and in the Mt Rainier ISACA Chapter.
- Dr. Endicott-Popovsky hosted the ICIW: 7th International Conference on Information Warfare and Security, Seattle March 2012.
- Dr. Endicott-Popovsky was named Full Member American Academy of Forensic Scientists: Digital & Multimedia Sciences Section.
- Dr. Endicott-Popovsky was selected for National Board of Information Security Examiners (NBISE) Smart Grid Cybersecurity Committee.
- David Dittrich formed a Honeynet Legal and Ethics Committee and started debating a "Code of Conduct."
- David Dittrich formed a writing group for a KYE on data sharing. An email list was set up on the internal server to facilitate co-writing.

GOALS
Our chapter's main goal for 2012 will be to integrate the new membership to become a more productive and efficient team. We are blessed to have a couple of very experienced original Honeynet members to help mentor to and guide the larger group: founding member and Chief Legal and Ethics Officer David Dittrich and founding member and Chief Executive Christian Seifert.

The SPEAR Cloud (Security, Policy, Education and Advanced Research Cloud) discussed briefly above will be also a major focus. This endeavor could potentially develop into a resource for many diverse Honeynet research projects in the long-term future.